With logging on, the Rust logger trace messages do indeed cause the
sender to abort near the beginning of the upload.
Change-Id: I9ed150db1ad557034d1aefcc99385d771be3edd5
GitOrigin-RevId: 3815d6b21db1dc4978b19fc9b4307007d03e4b12
Using a buffered reader instead of the byte-at-a-time implementation
avoids doing a syscall for each byte.
Change-Id: Ia7bc42e4836593f358ff964962c910f8c94b6f8e
GitOrigin-RevId: e70697d398b07d6de6f03d1d0a4b5204139bc59a
Over-optimized the marhaling logic--we Need to convert &str's to CString's
to get the trailing \0 (same lesson learned doing StorageManager).
Change-Id: I97e8d35947dcb32989dc68f11dd422433c00aa02
GitOrigin-RevId: c775bfc3c568ee3dcae32928a422c5178495e77f
* changes:
Replace SeL4Debug with direct syscalls.
sel4-sys: fix conditional syscall numbering
sel4-sys: use target_arch &co to select target architecture
kata-os-common: add sel4-sys support for riscv32
kata-os-common: cleanup sel4-sys before bringing in local changes
kata-os-common: pristine import of sel4-sys-0.0.28 (-seL4 submodule)
GitOrigin-RevId: 36ee1d4f9e521b60fdc6b91f2581413b55882fca
Reading one byte at a time in a loop causes excessive syscalls. For
example, ZMODEM needs to do this when finding the end of each frame.
This change copies parts of std::io needed to wrap a Read in a BufReader
so that the read will be done eagerly.
It enables buffered UART reads for the whole DebugConsole at the point
where its single Read object is initialized.
Change-Id: I19935ca02333bc74d9b581d384a1854968ac5329
GitOrigin-RevId: 1aa80e036561a6a18e79dbf28bcab240efe80cd1
Create a new VectorCoreReturnInterface for the connection from the
VectorCoreDriver to MlCoordinator. Retrieve the return code and fault
from the finish IRQ handler back to MlCoordinator. It can be served as
the hook for the continuous run.
Change-Id: I6346cca0bc372e5b3a80d70b333d42ba768e822f
GitOrigin-RevId: bae4ab68418ce7ac9d4ac5ebb86bb6e55993b7cd
- convert &str's directly to C strings (w/o passing through
CString::new); this eliminates the need for cstr_core::CString
but potentially permits strings with embedded \0's
- add a From trait to streamline return handling
Change-Id: Ia854aaa297708e47abf310697954c4c18cafc14e
GitOrigin-RevId: b4fd9f6a67f9e460ed46274e18cf506bade818b4
- add From traits for mapping return status
- no more need for StorageError::Success w/ switch to Result's
- narrow unsafe blocks where possible
Change-Id: I92e0666e2651eb3647ac4e351d14bf55bc76bbb0
GitOrigin-RevId: 24416448d1c326632f556e224fcca7ac38397dc6
This change adds an "rz" command to the shell that calls a function
rz(). It switches the IO from the shell to a ZMODEM receiver that
produces a Rust upload object that collects the uploaded bytes and
computes a CRC32 checksum on the fly.
In a later change, we will retain the most recent payload in a
shell-owned object until it is consumed by an "install" command.
Limitations:
* Sender hangup will cause the receiver to block forever and the
prompt not to come back, since kata-uart-client does reads that
block forever.
* Logging must be set to a level higher than debug or messages from
the zmodem crate itself corrupt the transfer.
* The sender must rate limit to ~150 bytes/sec to avoid running
too far ahead of the Renode UART, which drops bytes when the RX
FIFO is full.
* Uploading too big a payload will cause a kata_panic! unless the
heap size is increased in kata-debug-console/src/run.rs
Demo:
KATA> loglevel error
ERROR
KATA> rz
**B0100000023be50
[Ctrl-C]
$ sz -O ~/random < /tmp/term | pv -L 150 > /tmp/term
Sending: random
Bytes Sent: 15360/ 16384 BPS:26805 ETA 00:00 150 B 0:00:01 [ 146 B/s] [ <=> Bytes Sent: 16384 BPS:144 ]
Transfer complete
16.6KiB 0:01:53 [ 149 B/s] [ <=> ]
$ stty sane -echo -icanon; socat - /tmp/term 2> /dev/null; stty sane;
size: 16384, crc32: 991b1d60
KATA>
[Ctrl-C]
$ crc32 ~/random
991b1d60
Change-Id: I53252b821a829a667a23a9fd072f71c6955fdc1a
GitOrigin-RevId: c818a35f186dcd8c083891bfaa84ad0a9f9fef7d
This change makes the ZMODEM API use separate references for the input
and output communications channels, which is better adapted to the
established pattern in kata-shell.
Consuming up to the "OO" (over-and-out) bytes from the sender is also
included as a small throw-in. Preliminary dev runs have revealed that
the sz utility from lrzsz always sends "OO", preceded by 2 bytes of
unclear purpose, even after getting the ZFIN from the receiver.
Change-Id: Ib25261ad4c9054a3403ed5910aeacd62fbd6b93c
GitOrigin-RevId: 452cdaa41f473c0c3781faaf3bd1958b9803bb3a
This fixes a build break that happened without any intervening commit in
our repo. How that could happen is not yet pinpointed, and there has
been no increment in the minor version number of postcard for 2 months.
It appears that postcard was somehow triggering serde to use std, which
is a default feature for serde.
Change-Id: I7ed989976aa1bf75cb440c4070565452571d7306
GitOrigin-RevId: f35b7677e995e5e8245c583ca2c355a04306aea2
- low serialize of request parameters into kata_security_request
- add InstallRequest that passes the package buffer as an opaque ptr
- add EchoRequest for SecurityRequestEcho
- purge (now) unused SecurityRequestData type alias and hide
SECURITY_REQUEST_DATA_SIZE (only used in crate)
- use &str instead of String in serialize requests (from mattharvey@)
- add SreSerializeFailed
Change-Id: Iac1930c0b2fead0f96b87da5d116280865031be2
GitOrigin-RevId: 37df6cd1969b3be2628e2e34f3de8fd129fdbc1b
There is a temporary desire to keep ZMODEM uploads as state in
DebugConsole. Since realistic package ZIP files might be larger than
16KB, this change increases the heap size to have a lot of excess.
Change-Id: Iabb5014cb77cf828f77d4553b7f304248c085114
GitOrigin-RevId: 2ae49570a887d5bd2d4672fb3e134c8a1394190e
- add SecurityCoordinator component (needs mailbox support, just
a fake which should be enabled with a feature flag)
- connect to ProcessManager & MlCoordinator - temproarily connect
to DebugConsole to enable scecho test command
- expand Bundle to hold application information (may need more elf)
- connect ProcessManager::{install, uninstall} to SecurityCoordinator
(no application binary yet, needs global page allocator)
Notes:
- SecurityCoordinator depends on camkes for thread synchronization
- private heap is 8KB (and could possible be less; need to tune)
- camkes interface connection uses seL4RPCOverMultiSharedData so ipc
buffers are 4KB; the request & reply serde buffers are 2KB but could
be near 4KB since they are used sequentially and the other params
are a few bytes (but beware of camkes stack allocation)
- the camkes SecurityCoordinator::request rpc is defined so that the
request param has reasonable handling but the reply param requires
a full copy (even if only partly used); haven't found a way to
express the desired handling
Change-Id: I686dc2d501e39bc8c27fe22db40657165a55b472
GitOrigin-RevId: db1536c241e28ddda1dc8f8da341b8c667ed6646
This change does no more than run "cargo fmt" on the sources in the
zmodem directory so that the porting change can be based on formatted
files.
Change-Id: I72789f57bf4d195bdcbd24d04cc08e5d801b6b05
GitOrigin-RevId: 8a27fb27e976c82c10030b6afecfa0fb1980630b
This is commit acdc761522679de2c52e0a7fa2640d48f7bd0ab5 on GitHub.
The project is not actively maintained and requires substantial change
to port to no_std and kata_io traits, making copying more appealing than
tracking upstream.
This change adds the unmodified files as a local diffbase.
Change-Id: I8846f4842d75d01f07b2857998819115a9c449ba
GitOrigin-RevId: 5cb637810ddfa5a35d73d680c16c36855f1b70ef
Sometimes it is useful for kata-io to be API-compatible with std::io
(e.g. porting a ZMODEM library). std::io has a similarly defined alias
where E is its own error type.
Change-Id: Idaf88fb1d41bcb984608d82a0ea222290c78f5c4
GitOrigin-RevId: 5738e6ac705b6fe3b48dd64891808cf50b75afb7
Replace the hand-rolled code to marshal/unmarshal bundle_id's with serde
and postcard. Postcard was selectecd because it works with no_std and has
api's that do not require copying.
Change-Id: I5bec725e42e5f94b4a486669f86e4aeb1322de6c
GitOrigin-RevId: b56e1d39faae0f8705c5d11a62d33db540f2d35c
[NB: this is a step toward adding StorageManager]
- add app_id to Bundle to enable expanding the skeleton framework (for
now this is filled in with the address of the pkg_buffer arg)
- change install api to follow design doc (bundle id comes from manifest)
- mark start & stop api's as needing a mutable self - hide Bundle
internals (more): do not export representation, we will use serde to
pass it through camkes
- remove assumption hashmap of bundles corresponds to StorageManager
contents - use String instead of BundleId and Vec<String> instead
of BundleIdArray in public api's (SmallVec & SmallString are impl
artifacts now pushed down to ProcManager)
- adjust unit tests (ditch kata-proc-manager::tests as it adds nothing)
Change-Id: If3d77b031f43c0c867266dbfa66fa31e4ab67033
GitOrigin-RevId: bbadf0b0b09e7978613d57a816363079642e2a45
This CAmkES component demonstrates concurrent control threads when one
of them never calls seL4_Yield (preemption by timer interrupts). It can
be removed when we are sure this is working well. Until then, the log
messages will be visible after issuing "loglevel trace" at the prompt.
Change-Id: Ice1a3ac2e11dc50f5d9d5f790e2de80b58fe269e
GitOrigin-RevId: d20266a6add4f3d4d673a492a3b0ab70663e0308
- change early logging (pre kata-shell prompt) to trace level so by
default nothing shows up unless kata-debug-console::pre_init sets
log::set_max_level to Trace (default is Debug)
- log allocator init's in caller so log msgs identify per-component heap
setups (all the same for now but at some point may diverge)
- shorten kata-shell prompt to "KATA> " - remove unused camkes control's
and consolidate other early work in pre_init and <component>__init hooks
- cargo fmt components
Change-Id: I010eb5cc5af2e379691cb2e62d82dbab32a06bc3
GitOrigin-RevId: badddf46f5ba50fa60e9cbead9f6d99d5ff3808b
With the LogFibonacci component, it became apparent that having
fill_tx_fifo only fill the TX FIFO once would cause only 32 bytes (the
size of the TX FIFO) to be sent out at a time. This was because the
Renode UART is so fast that tx_empty was becoming true again even before
it was cleared from INTR_STATE.
Not clearing INTR_STATE unless rx_buf is empty is enough to fix this by
itself, but to avoid lots of interrupts, we also have fill_tx_fifo loop
until the FIFO is really full.
Change-Id: I4bf2f05770e1a1447b5d79930a446667a268e5dd
GitOrigin-RevId: c61eecb16f6d28c8d9b71605199a62ae01919a41
sparrow_all.repl says this address is for "UART1 for SMC Core," but until
this change we have been using "UART3 (Reserved)."
Change-Id: I149b592f6df484e7bdac4d1bd2a3fc0ab3f813ba
GitOrigin-RevId: 40913f9e26724b6841f4380aa28de1806dcf28e5
This reverts commit 342e260470ba0c194c7f7a0d1006b2f3a2432236.
Reason for revert: adding to same topic as a sim.mk change that runs the same Renode.exe built by "m renode"
Change-Id: I4ad8715e09ec3c0bf56939706a19db9085f806bb
GitOrigin-RevId: 31b22501c04e525394bc43406affb1c4d4829c1f
This reverts commit 010f0d7045d40ea6b0900fc74d79fe92df0fae69.
Reason for revert: kata console fails to come up.
Change-Id: Icab24e9043f967ea76907ce938eef72b2fbf47ac
GitOrigin-RevId: 342e260470ba0c194c7f7a0d1006b2f3a2432236
With Renode at HEAD, this causes an infinite loop. It seems like the
Renode OpenTitan UART does not have "edge triggered" behavior.
Change-Id: Ic553ce34cabaf8287c7969904d6336d1acf339a0
GitOrigin-RevId: 010f0d7045d40ea6b0900fc74d79fe92df0fae69
